cURL / Mailing Lists / curl-and-php / Single Mail

curl-and-php

Re: COOKIE question

From: Dimitris Tripakis <DTripakis_at_pathfinder.gr>
Date: Mon, 6 Sep 2004 02:08:20 +0300

>BTW. You said you solved the problem in a latter message. Any chance you'll pass on the
>solution to the mailing list in case someone else is looking for something similar??

> Dan O.

I never managed to print the sent header, if thats what you mean. Nor with anything particularly
useful thats not already in the manuals. Anyway
here's what I came up with, maybe the functions to
get the header, the body and the cookie could save
some people some time:

First of all, this is a generic function to post
XML documents to an HTTPS server, include a cookie
and get the response as a string.

function xml_post($command) {
        global $_SESSION;
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, EPP_SERVER_URL);
        curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml; charset=UTF-8"));
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); //Disable server authentication
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //This makes curl_exec() to return a string with the response
        curl_setopt($ch, CURLOPT_POST, 1); //Default is GET, so we must set this.
        curl_setopt($ch, CURLOPT_POSTFIELDS, $command); //POST parameters
        curl_setopt($ch, CURLOPT_HEADER, 1); //Make sure the header is included in the response
        curl_setopt($ch, CURLOPT_COOKIE, $_SESSION['EPPCOOKIE']); //Send the cookie
        $res = curl_exec($ch);
        curl_close($ch);
        return $res;
}

Notes:
1. EPP_SERVER_URL is application-specific
2. VERIFYPEER is set to 0 because this is as I said
the development server. In my case, the production
server of the [.gr] domain has a certificate signed
by Verisign, therefore I *expect* no problems when VERIFYPEER is switched to 1, but havent tried it yet.
(for VERIFYPEER=1 to work, cacert.pem must be
downloaded and CURLOPT_CAPATH set to point to its
folder).
3. The development server has a self-signed certificate, I didnt go into the trouble of converting it to .pem, to see if it will work.
4. You ve *got* to know the content type of the
server you're talking to. The code above has text/xml
and UTF-8, maybe this is not your case. Also if it is
UTF-8, your pages must be UTF-8 if you re posting
stuff from user filled forms (otherwise Greek for
example wont work).

Now, from the returned $res above, we can extract the header and the body as following :

function xml_get_header($response) {

        //In this case, the response body begins with '<?xml'. You ve GOT to have a similar algorithm anyway.
        $pos = strpos($response, '<?xml');
        return substr($response, 0, $pos);
}

Similarly the rest of the response is the body:

function xml_get_body($response) {
        $pos = strpos($response, '<?xml'); return substr($response, $pos);
}

Finally, to get the cookie from the header (in my
case the cookie is guaranteed to end with 'Secure', otherwise you ve got to figure out how the cookie ends (try until the end of the line)) :

function xml_get_cookie($header) {
        $pos1 = strpos($header, "Set-Cookie:"); //Find the position of 'Set-Cookie:'
        if(!$pos1) {
                return false;
        }
        $pos1 += 11; //Move +11 to the end of 'Set-Cookie:'
        $pos2 = strpos($header, "Secure") + 6;
        return substr($header, $pos1, $pos2-$pos1);
}

NOTE that the cookie code is not good generic code,
its very application specific: If you want to do
the same, you should begin by using something like
the post function above to get the response and echo( )
it, then see how the cookies look like and get some
guarantees about the header's format (for example,
my guarantees were that 1. There's only one cookie,
2. Its always Secure. ...therefore I was lucky to
make it work easily.

C ya
Dimitris

______________________________________________________________________________________
http://mobile.pathfinder.gr - Pathfinder Mobile logos & Ringtones!
http://www.pathfinder.gr - Δωρεάν mail από τον Pathfinder!
Received on 2004-09-06